<?php
namespace App\Http\Middleware;

use App\Models\AdminUser;
use Closure;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Redis;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Facades\Cookie;

class AdminAuth
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @param  string|null  $guard
     * @return mixed
     */
    public function handle($request, Closure $next, $guard = 'adminweb')
    {
        if (Auth::guard($guard)->guest()) {
            if ($request->ajax() || $request->wantsJson()) {
                return response('Unauthorized.', 401);
            } else {
                return redirect()->guest('/console/login');
            }
        }
        $profile = Route::currentRouteName();

        if($profile) {
            $userid = Auth::guard($guard)->id();
            $cityid = $request->get('cityid');
            $districtid = $request->get('districtid');
            if(!$cityid) {
                //自行修改跳转页。
                return response('参数错误！', 400);
            }
            $cityauth = Redis::get('Admin:CityAuth:'.$userid);
            if($cityauth) {
                $cityauth = json_decode($cityauth,true);
            } else {
                $cityauth = AdminUser::where('id',$userid)->pluck('cityauth')->first();
                Redis::set('Admin:CityAuth:'.$userid,$cityauth);
                $cityauth = json_decode($cityauth,true);
            }
            if(!array_key_exists($cityid,$cityauth)) {
                //没有该城市的权限，自行修改跳转页。
                return response('您没有该城市的权限！.', 400);
            } else {
                if($districtid) {
                    if(!is_int(array_search($districtid,$cityauth[$cityid]))) {
                        //没有该区县的权限，自行修改跳转页。
                        return response('您没有该区县的权限！.', 400);
                    }
                }
            }

            $GLOBALS['Districtid'] = $cityauth[$cityid];
            $auth = Redis::get('Admin:Auth:'.$userid);
            if($auth) {
                $auth = json_decode($auth,true);
                if(is_int(array_search($profile,$auth))) {
                    return $next($request);
                } else {
                    //没有权限，自行修改跳转页。
                    //return response('您没有该模块的权限。', 400);
                    return response()->make(view('errors.403'));
                }
            } else {
                $auth = AdminUser::where('id',$userid)->pluck('auth')->first();
                if($auth) {
                    Redis::set('Admin:Auth:'.$userid,$auth);
                    $auth = json_decode($auth,true);
                    if(is_int(array_search($profile,$auth))) {
                        return $next($request);
                    } else {
                        return response()->make(view('errors.403'));
                    }
                } else {
                    //没有权限，自行修改跳转页。
                    //return response('您没有该模块的权限！.', 400);
                    return response()->make(view('errors.403'));
                }
            }
        }
        return $next($request);
    }
}
